Review the following deployment guidelines and security
considerations as you plan your deployment.

MDM Device Management Server
Placement

MDM Device Management Server is a domain member and
should be located within the internal network. Only one instance of
MDM can exist per Active Directory® forest.

SQL Considerations

To install the required MDM databases successfully, the
account that executes the MDM Device Management Server installation
script must have local administrator credentials on the computer
that is running Microsoft® SQL Server®.

Communication Between the Gateway
Server and the Device Management Server

By design, at no point should MDM Gateway Server
initiate inward-bound sessions. Only authenticated clients can
initiate sessions.